Two security vulnerabilities in Safari are being addressed in an update of the browser software released by Apple earlier today. This update coincides with Apple’s iOS 6.0.1 software update, which addressed multiple security problems. The 48.5 MB update to Safari 6.0.2 is available for OS X Lion and OS X Mountain Lion, and is recommended as it fixes security flaws in the software.

At first, the Twitter user who publicised this flaw was criticised by some people, who considered his tweet to be “irresponsible disclosure”, because it told the world about a problem that it might have been better to tell Apple about privately first so the hole could be closed and then announced.

But others soon realised that this was not a brand new discovery – indeed, it had been discussed more than two weeks ago on Apple’s on support forum.

Apple’s official policy of saying nothing about security issues until a fix is out meant that there wasn’t much to go on once the news broke, except to assume that the company was frantically coding up a fix…

At first, the Twitter user who publicised this flaw was criticised by some people, who considered his tweet to be “irresponsible disclosure”, because it told the world about a problem that it might have been better to tell Apple about privately first so the hole could be closed and then announced.

But others soon realised that this was not a brand new discovery – indeed, it had been discussed more than two weeks ago on Apple’s on support forum.

Apple’s official policy of saying nothing about security issues until a fix is out meant that there wasn’t much to go on once the news broke, except to assume that the company was frantically coding up a fix…

In software, there are bugs, and there are dangerous bugs. It looks like macOS High Sierra has one of those dangerous bugs; one that could give someone full access to virtually any user account. And holy buckets, it is scary.

In software, there are bugs, and there are dangerous bugs. It looks like macOS High Sierra has one of those dangerous bugs; one that could give someone full access to virtually any user account. And holy buckets, it is scary.

THERE ARE HACKABLE security flaws in software. And then there are those that don't even require hacking at all—just a knock on the door, and asking to be let in. Apple's macOS High Sierra has the second kind.

On Tuesday, security researchers disclosed a bug that allows anyone a blindingly easy method of breaking that operating system's security protections. Anyone who hits a prompt in High Sierra asking for a username and password before logging into a machine with multiple users, they can simply type "root" as a username, leave the password field blank, click "unlock" twice, and immediately gain full access.

In other words, the bug allows any rogue user that gets the slightest foothold on a target computer to gain the deepest level of access to a computer, known as "root" privileges. Malware designed to exploit the trick could also fully install itself deep within the computer, no password required.

THERE ARE HACKABLE security flaws in software. And then there are those that don't even require hacking at all—just a knock on the door, and asking to be let in. Apple's macOS High Sierra has the second kind.

On Tuesday, security researchers disclosed a bug that allows anyone a blindingly easy method of breaking that operating system's security protections. Anyone who hits a prompt in High Sierra asking for a username and password before logging into a machine with multiple users, they can simply type "root" as a username, leave the password field blank, click "unlock" twice, and immediately gain full access.

In other words, the bug allows any rogue user that gets the slightest foothold on a target computer to gain the deepest level of access to a computer, known as "root" privileges. Malware designed to exploit the trick could also fully install itself deep within the computer, no password required.

Apple, Apple, Apple. What are we going to do with you? In your most recent High Sierra macOS release, it turns out you've given a way for any local user to take over a Mac -- lock, stock, and two smoking barrels.

This exploit doesn't require any mad NSA-type hacker skillz. All you have to do is go to System Preferences, then Users and Groups, and click the lock to make changes. Then, enter "root" as your username without a password. Shazam! You're in.

As on any Unix/Linux-based system, the root user can control all administration functions and can read and write to any file system, including those of other users. In theory, root is disabled on Apple systems unless expressly authorized. Wrong!

Once in, you can edit your own permissions. For example, want to give yourself administrator privileges? Sure! Or, you can set up new administration-level accounts. Once you've done that, you can do anything your heart desires within the system.

Apple, Apple, Apple. What are we going to do with you? In your most recent High Sierra macOS release, it turns out you've given a way for any local user to take over a Mac -- lock, stock, and two smoking barrels.

This exploit doesn't require any mad NSA-type hacker skillz. All you have to do is go to System Preferences, then Users and Groups, and click the lock to make changes. Then, enter "root" as your username without a password. Shazam! You're in.

As on any Unix/Linux-based system, the root user can control all administration functions and can read and write to any file system, including those of other users. In theory, root is disabled on Apple systems unless expressly authorized. Wrong!

Once in, you can edit your own permissions. For example, want to give yourself administrator privileges? Sure! Or, you can set up new administration-level accounts. Once you've done that, you can do anything your heart desires within the system.

Breaking into a locked iPhone X shouldn't ever be described as simple, but according to a group of security researchers, that's exactly where we find ourselves.

The same Vietnamese team that managed to trick Face ID with an elaborately constructed mask now says it has found a way to create a replicated face capable of unlocking Apple's latest and greatest biometric using a series of surreptitiously snagged photographs.

SEE ALSO: No one agrees on whether or not a dead body will unlock a smartphone

Apple has copped to the fact that Face ID, for all its technical prowess, isn't perfect. It can be tricked by twins. For most people, however, that security threat is a nonexistent one. But what about masks? The Cupertino-based company assured customers that it had designed the biometric-powered safeguard with that attack in mind — yet the researchers at Bkav are here to rain on that particular parade.

"These materials and tools are casual for anyone."They built a relatively inexpensive mask which, according to a blog post and video demonstration, was able to fool Face ID into unlocking.

Breaking into a locked iPhone X shouldn't ever be described as simple, but according to a group of security researchers, that's exactly where we find ourselves.

The same Vietnamese team that managed to trick Face ID with an elaborately constructed mask now says it has found a way to create a replicated face capable of unlocking Apple's latest and greatest biometric using a series of surreptitiously snagged photographs.

SEE ALSO: No one agrees on whether or not a dead body will unlock a smartphone

Apple has copped to the fact that Face ID, for all its technical prowess, isn't perfect. It can be tricked by twins. For most people, however, that security threat is a nonexistent one. But what about masks? The Cupertino-based company assured customers that it had designed the biometric-powered safeguard with that attack in mind — yet the researchers at Bkav are here to rain on that particular parade.

"These materials and tools are casual for anyone."They built a relatively inexpensive mask which, according to a blog post and video demonstration, was able to fool Face ID into unlocking.

BY NOW, IF you’re an iPhone owner, you’ve probably updated to iOS 11 by now. If not, you really should, and not just for the animoji. The latest iOS update bakes in a few important security updates that you’re going to want to tap into.

What’s new? For starters, you can limit each individual app on your phone to tracking your location either all the time, only when you’re using it, or never. Just head to Settings, then Privacy, then Location Services to set how liberally you want to share your GPS info.

After that, head straight to Safari settings to flip on a few new features that weren’t available in earlier iOS versions. Go ahead and turn on Block Pop-ups, Prevent Cross-site Tracking, and Ask Websites Not To Track Me. They’ll go a long way to keep advertisers from following your every move online.

And if you got a fancy new iPhone X and you’re not sure about this whole Face ID thing—although frankly, it’s pretty darn secure—remember that you can always turn it off and just use a PIN instead. Or, if you’re worried about law enforcement forcing you to open your phone with your face, you can disable both it and Touch ID on the go by squeezing the side button and one of the volume buttons at the same time.

BY NOW, IF you’re an iPhone owner, you’ve probably updated to iOS 11 by now. If not, you really should, and not just for the animoji. The latest iOS update bakes in a few important security updates that you’re going to want to tap into.

What’s new? For starters, you can limit each individual app on your phone to tracking your location either all the time, only when you’re using it, or never. Just head to Settings, then Privacy, then Location Services to set how liberally you want to share your GPS info.

After that, head straight to Safari settings to flip on a few new features that weren’t available in earlier iOS versions. Go ahead and turn on Block Pop-ups, Prevent Cross-site Tracking, and Ask Websites Not To Track Me. They’ll go a long way to keep advertisers from following your every move online.

And if you got a fancy new iPhone X and you’re not sure about this whole Face ID thing—although frankly, it’s pretty darn secure—remember that you can always turn it off and just use a PIN instead. Or, if you’re worried about law enforcement forcing you to open your phone with your face, you can disable both it and Touch ID on the go by squeezing the side button and one of the volume buttons at the same time.

Apple said it has fixed an undisclosed vulnerability in its HomeKit framework that could have allowed unauthorized remote control of HomeKit devices such as smart locks and connected garage door openers.

The flaw was first reported by the publication 9to5Mac on Thursday. According to the publication, the vulnerability requires an iPhone or iPad running the latest iOS 11.2 that is linked to the HomeKit user’s iCloud account.

Apple said it has fixed an undisclosed vulnerability in its HomeKit framework that could have allowed unauthorized remote control of HomeKit devices such as smart locks and connected garage door openers.

The flaw was first reported by the publication 9to5Mac on Thursday. According to the publication, the vulnerability requires an iPhone or iPad running the latest iOS 11.2 that is linked to the HomeKit user’s iCloud account.

Apple released a security update Wednesday to fix a major bug that allowed anyone to bypass security protocols and act as a computer's administrator.

"Security is a top priority for every Apple product, and regrettably we stumbled with this release of macOS," a spokesperson for Apple said in a statement. "When our security engineers became aware of the issue Tuesday afternoon, we immediately began working on an update that closes the security hole."

The security issue impacted macOS High Sierra 10.13.1. Apple says the update is now available for download and will be rolled out automatically to all systems running the affected software.On Tuesday, developers noticed that someone with access to a Mac computer running Apple's most recent Mac software could type "root" and no password in the Users & Groups section of System Preferences and gain administrator-level access to the computer.

Apple released a security update Wednesday to fix a major bug that allowed anyone to bypass security protocols and act as a computer's administrator.

"Security is a top priority for every Apple product, and regrettably we stumbled with this release of macOS," a spokesperson for Apple said in a statement. "When our security engineers became aware of the issue Tuesday afternoon, we immediately began working on an update that closes the security hole."

The security issue impacted macOS High Sierra 10.13.1. Apple says the update is now available for download and will be rolled out automatically to all systems running the affected software.On Tuesday, developers noticed that someone with access to a Mac computer running Apple's most recent Mac software could type "root" and no password in the Users & Groups section of System Preferences and gain administrator-level access to the computer.

Update: Apple has acknowledged the issue and is working on it. Statement and workaround below.

Wow, this is a bad one. On Macs running the latest version of High Sierra — 10.13.1 (17B48) — it appears that anyone can log in just by putting “root” in the user name field. This is a huge, huge problem. Apple will fix it probably within hours, but holy moly. Do not leave your Mac unattended until this is resolved.

The bug is most easily accessed by going to Preferences and then entering one of the panels that has a lock in the lower left-hand corner. Normally you’d click that to enter your user name and password, which are required to change important settings like those in Security & Privacy.

No need to do that any more! Just enter “root” instead of your user name and hit enter. After a few tries, it should log right in. There’s no need to do this yourself to verify it. Doing so creates a “root” account that others may be able to take advantage of if you don’t disable it.

Update: Apple has acknowledged the issue and is working on it. Statement and workaround below.

Wow, this is a bad one. On Macs running the latest version of High Sierra — 10.13.1 (17B48) — it appears that anyone can log in just by putting “root” in the user name field. This is a huge, huge problem. Apple will fix it probably within hours, but holy moly. Do not leave your Mac unattended until this is resolved.

The bug is most easily accessed by going to Preferences and then entering one of the panels that has a lock in the lower left-hand corner. Normally you’d click that to enter your user name and password, which are required to change important settings like those in Security & Privacy.

No need to do that any more! Just enter “root” instead of your user name and hit enter. After a few tries, it should log right in. There’s no need to do this yourself to verify it. Doing so creates a “root” account that others may be able to take advantage of if you don’t disable it.

A newly-discovered flaw in macOS High Sierra — Apple’s latest iteration of its operating system — allows anyone with local (and, apparently in some cases, remote) access to the machine to log in as the all-powerful “root” user without supplying a password.Fortunately, there is a simple fix for this until Apple patches this inexplicable bug: Change the root account’s password now.

A newly-discovered flaw in macOS High Sierra — Apple’s latest iteration of its operating system — allows anyone with local (and, apparently in some cases, remote) access to the machine to log in as the all-powerful “root” user without supplying a password. Fortunately, there is a simple fix for this until Apple patches this inexplicable bug: Change the root account’s password now.

Sharing your scoops to your social media accounts is a must to distribute your curated content. Not only will it drive traffic and leads through your content, but it will help show your expertise with your followers.

Integrating your curated content to your website or blog will allow you to increase your website visitors’ engagement, boost SEO and acquire new visitors. By redirecting your social media traffic to your website, Scoop.it will also help you generate more qualified traffic and leads from your curation work.

Distributing your curated content through a newsletter is a great way to nurture and engage your email subscribers will developing your traffic and visibility.
Creating engaging newsletters with your curated content is really easy.